ITS HomepageITS

Trusted IT Solutions

News

Webcam Scam

We have received several helpdesk tickets regarding an email with some eerily personal information and threats.

The email contains one of your current or former passwords, likely posted on the internet after a data breach at a company where those credentials were used.  The emails continue to describe footage captured of you on your webcam and requests a bitcoin ransom to keep the footage from being shared.

The email is a hoax.

Yes, your password was at one time compromised. If you are still using that password anywhere, change it!

Do not reply to the email or interact with the sender. You do not need to make a payment, and there is no footage.

Think about your passwords on other websites and whether they may need changed:
-Use long and strong passwords: Consider using an entire phrase instead of one word.
-Use unique passwords: Each website or service requires a new and different password.
-Consider using two-factor authentication when available, so you are also required to receive and submit a code in addition to your password.

See a sample email and learn more about this scam.

Online Shopping Safety

The holiday shopping season and online deals seem to arrive earlier each year; now is a great time to review some online shopping safety tips, and prepare your computer or device for a safe shopping experience.

  1. Look for a secure checkout page. This is generally indicated with a padlock in the browser’s address bar and an address that begins with: https:// (instead of http://)
  2. Read reviews for new or unfamiliar digital storefronts – even sites with https:// can still be a scam or skim your payment information, and other shoppers may have posted reviews or warnings online.
  3. Use unique passwords for each site; if a website is hacked, there is a good chance your credentials will be posted online or sold to the highest bidder. If you use the same email/password combination for multiple websites, these accounts also become vulnerable.
  4. When setting up accounts, consider adding two-factor authentication when it is available. This may send a code via text message or email to guarantee your identify.
  5. As you scroll through the purchase screens, look carefully at the boxes you can check/uncheck regarding your email address. You can often choose to only receive messages related to your specific order, and eliminate extra email in your inbox advising you of sales and special discounts months from now. A clean inbox is a safer inbox!
  6. Check your computer and browsers for updates. You should also check your browser for added extensions/plugins, check the preferred search engine and check the homepage/new tab settings. Odd settings in these areas can often be a sign that your browser was hijacked or you have virus/malware or other unfriendly installation on your computer.
  7. Consider a Virtual Credit Card if your provider offers this service: a virtual card acts like a digital representation of your real credit card. Your virtual card can simply be deleted if compromised, instead of ordering and waiting for a new physical credit card.
  8. Limit the amount of transactions or business you perform over public Wi-Fi connections.
  9. Don’t click on links in online advertisements or in your email without checking their validity first: hover over the links without clicking to see a preview of the destination address. Some websites are really tricky – can you see the difference between www.amazon.com and say www.amaz0n.com? The second address has a zero instead of the normal spelling.
  10. Don’t open attachments in an email unless you are expecting an attachment from that sender. A current threat is a fake invoice sent from users in your contact list. You might be familiar with the person sending the email, but does that person normally send your invoices? It is always a good idea to contact the sender personally before opening, to ask if they intended to send you an attachment.
  11. Be cautious when installing shopping, coupon and holiday apps – especially on Android devices. Apps will often appear to offer great shopping deals, but may actually steal your data.
  12. When shopping at a new online venue, search for online reviews or ratings. Use the words “fraud” or “scam” in your search. Pay attention to grammar, spelling and design on the website – if anything appears “off”, the website may be a scam, and  the deals too good to be true.

More online safety tips from The National Cyber Security Alliance

Fake Adobe Flash – Mac

Our techs have seen a few machines (Mac laptops specifically) come through recently that have fallen victim to the same fake Adobe Flash update prompt.

These users were all performing seemingly normal tasks on Chrome, clicked on a link to go to a specific site, and the link popped up a series of Adobe Flash update prompts. While the users had intended to go to a specific site to gather information for a lesson or check sources for student projects, the resources they were seeking had been hijacked and now housed a nefarious hacking tool.

Thinking they did indeed need an Adobe Flash update, they clicked.

Some or all of the following symptoms then occurred:

  • Pop-ups everywhere, for all sorts of products and virus warnings
  • Offers to clean their infected machine.
  • Default search engine changed.
  • Home page and new tab page changed
  • Web browser beeping and talking to them, warning them that their computer was infected
  • Attempts to open new tabs blocked by their firewall, as those pages were leading to other infected and/or inappropriate content.
  • Other browsers also infected

ITS was contacted and began clean-up on the machines. Normally, with a Mac laptop, we can run a couple clean-up tools remotely to reset the browsers and get the user back to their normal browser experience within an hour. These machines were infected to a point that we had to physically reload the machines and reset their user profile; our standard cleanup tools and procedures were ineffective.

During an evening Pinterest browsing session for some Halloween costume components last night, I experienced the same fake Adobe Flash update. I took a screenshot, then closed the problematic active tab.  (I also reported the bad link on Pinterest) The link I clicked was supposed to take me to an easy-to-sew bow tie pattern, but alas, the craft blog site was either hacked and redirected, or allowed to expire and claimed by someone spammy.

Look at the features in the screenshot that set off warning bells for me:

  • The address in the address bar is not the address I was seeking, and also not an Adobe address
  • The pop-ups appear multiple times, and appeared again when I attempted to interact with the browser
  • Most software/plug-in updates will be served by your system and not by the browser – these definitely came from my browser
  • When I hovered over the buttons on the pop-ups, I could see the intended address at the bottom of my browser – again, not an Adobe site or my intended craft-blog site.

While I had been hoping to see and capture the fake Adobe Flash update in the wild, it still surprised me! My first reaction was to reach for the download button. I gathered my wits in time, though, and looked at the address bar, the multiple pop-ups and hovered over the buttons.

Adobe Flash is being phased out, due to security issues. Most websites that previously relied on Adobe Flash content are now using HTML 5 coding to provide a safer experience, and use an embedded plugin for their Flash content. If you receive an Adobe Flash update window, and think you may actually be due for an update, you can always visit the site directly to check: https://helpx.adobe.com/flash-player.html

Leslie is the Marketing Manager at ITS, and provides timely technology tips for our end-users. She is sending The White Rabbit (Alice In Wonderland), Ichabod Crane and a Deer Hunter trick-or-treating this year.

 

Social Media at Work

Should my employees have access to social media at work?

There are two facets to consider in this answer: network security and employee productivity.

If employees are using corporate devices to access their social media sites and perform light web browsing, then your network security is definitely impacted. If employees are using their personal devices for social media and web browsing, then your network security may not be at risk, but your bandwidth (amount of internet available) may be impacted.

Even a simple scroll through the local news can lead employees to click on an errant link – something they think may be a link to a local event or another news story, but is instead a link to a browser hijack or drive-by-download of a virus or malware.

Best practice would be to train employees to not use corporate devices or the corporate network for web browsing. Many of our SMB clients have employees that access corporate data and applications through a remote desktop or cloud server; we also recommend that web browsing and social media never occur on that server connection.

If you have enterprise network gear, setup a guest wireless connection for personal devices. This will also allow you to throttle bandwidth to specific sites, so all of your bandwidth isn’t supporting one employee’s latest Netflix binge.

If you don’t have a company policy to outline employee expectations regarding the use of social media on breaks or at their discretion during work hours, take the time to develop one.

Looking for more resources on social media in the workplace? Try these:

Social Media Security Tips for Employees
Social Media Security Tips for Managers/Employers